mirai | cb74de70fed42a5c09b3134fd795774fc799f71f7f603f752224eeadb5b42537 | Triage

Sharing

General

Target

cb74de70fed42a5c09b3134fd795774fc799f71f7f603f752224eeadb5b42537.elf
Size

81KB
Sample

250320-etfzdsxlt7
MD5

022ef84c697951a38f9e74307459a16b
SHA1

cc6f42e865d5b8bd40b25bfa72f233697250e047
SHA256

cb74de70fed42a5c09b3134fd795774fc799f71f7f603f752224eeadb5b42537
SHA512

69bb73e6bba31b57561e84e5ab8f29aa0c832ff90ed945e2ac06ee625818c57808e50d416efd9b24e03de7dc977db3570148749ba20c231bdde1a0697edf68df
SSDEEP

1536:jrXYZa2SzTVTTm0qTCIRch6/lH4qkMINJWDJwxvK0z08QIX6LqOf:nYZMzRTHqTCqMaIJ4wxQ8QIXcqO

Score

10^/10

mirai demons discovery linux

Malware Config

Extracted

Family

mirai

Botnet

DEMONS

Targets

- Target
  
  cb74de70fed42a5c09b3134fd795774fc799f71f7f603f752224eeadb5b42537.elf
- Size
  
  81KB
- MD5
  
  022ef84c697951a38f9e74307459a16b
- SHA1
  
  cc6f42e865d5b8bd40b25bfa72f233697250e047
- SHA256
  
  cb74de70fed42a5c09b3134fd795774fc799f71f7f603f752224eeadb5b42537
- SHA512
  
  69bb73e6bba31b57561e84e5ab8f29aa0c832ff90ed945e2ac06ee625818c57808e50d416efd9b24e03de7dc977db3570148749ba20c231bdde1a0697edf68df
- SSDEEP
  
  1536:jrXYZa2SzTVTTm0qTCIRch6/lH4qkMINJWDJwxvK0z08QIX6LqOf:nYZMzRTHqTCqMaIJ4wxQ8QIXcqO
Score

6^/10

discovery
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1